When Security is a Question of Life or Death
Readers of a certain age will remember the thrill of a ‘90s chat room — strangers from anywhere suddenly in your living room — but, by now, the wonders of telecom are squarely ordinary: Send messages across the world instantaneously? Check. Stream a live opera in Prague from a studio apartment in Poughkeepsie? Check. Run a business from your bedroom? Check.
But even those of us who are a bit jaded by technological advances have to admit that the idea of telesurgery — surgery performed by a physician using a remote-controlled robot over the Internet — is pretty cool.
And yet, it’s not really new: The first successful telesurgery took place in 2001, when a surgeon in New York removed the gallbladder of his 68-year-old patient in Strasbourg, France. “Operation Lindbergh,” as it came to be known, could have been the triumphant start of a global health innovation — but, in the years since, telesurgery has been hampered by slow advances in robotics and communication networks.
Today, doctors typically use robots to operate on a patient in the same room — and they do so using a secure, hardwired connection. Next-gen robots need to work on open networks — in war zones, at disaster sites, and on-call at other remote locations — but network and connectivity issues have been severely limiting. Until now.
The emergence of 5G has been a game changer for the field: Medical teams have an extremely fast network connection at their disposal — but this major advance brings with it major exposure, and now the threats posed by cyber attacks loom large.
Think about it: Assuming everything else in a procedure goes smoothly — the robot works as designed, the surgeon is confident and well-rested, and local staff are standing by — the network connection is a potential vulnerability. A cybercriminal infiltrating the software could dictate the robot’s movements — a breach with potentially fatal consequences. Incorporating security measures is critical to making telesurgery safe — and to promoting its widespread adoption.
To see just how precarious a telesurgery could be, engineers at the University of Washington (UW) tested an open source teleoperated robot, the Raven II. One group (the “surgeons”) set up the Raven II on a table and directed it to pick up and move blocks around while their colleagues (the “attackers”) used common cyberattack methods to disrupt the process.
The attackers were able to override or alter commands from the surgeons, making it difficult for the robot to perform simple actions like grasping the blocks. They also flooded the Raven II with trash data in a denial-of-service attack, resulting in jerky movements. In a real surgery where precision can mean life or death, this simulation exposed a serious risk factor. Finally, the offensive team triggered the robot’s emergency stop mechanism, halting the simulated surgery altogether.
The best way to guard against such attacks is to only perform a telesurgery across a completely secured private network — which, one could argue, minimizes the value of the invention. To address this, the team at UW is working on using machine learning to authenticate a user — the robot would be able to analyze the user’s interactions and create a unique “operator signature.” Along with human monitoring, we may yet be able to create a safeguard in which a surgery can at least be halted before an attacker can do fatal harm.
For the time being, researchers will continue testing and developing telesurgery until its safety measures are as robust and secure as a local procedure would be. In a world where everyone and everything is connected, technology advances are only as valuable as they are secure.